This Holiday Season, EstesGroup would like to give you “12 Days of ECHO” tips and tricks for those ERP System Admins out there.
We understand this time of year there is a lot going on for companies, such as: year end preparations, budgeting for the next year, personnel changes, and company shifts, etc. So that being the case, we wanted to bring a bit of humor and help to your holiday.
Businesses who are happy with the money they’re making and don’t wish to grow or to improve their relationships with their customers often don’t think about the need for ERP software. However, those businesses are few and far between. For the rest of us, the need for streamlined business processes has never been greater. ERP software helps businesses remain competitive by providing tools necessary for operating efficiently.
Why Do We Need an ERP System?
Gone are the days of companies have an employee or a department specifically devoted to manually entering information. Gone are the days when customers only had one choice when it came time to order the products they need. Today’s business processes must be done quicker and more efficiently than ever in order for a company to keep pace with its customers’ demands. An ERP package helps you to provide quick, accurate, and efficient service to your customers by providing a centralized hub in which all of the data from the various departments is managed.
The following symptoms show that your business is ready for an ERP package:
You’ve outgrown your business software and it is no longer capable of doing all of the things you need it to do.
Your existing business processes often result in missed deadlines, wasted materials, unused machines or labor, and other inefficiencies.
You need to track data across existing systems or in multiple departments and you’re unable to do so.
You don’t have the transparency you need in all aspects of your business to make informed decisions as to future opportunities.
Your employees are often tied up with tasks that could be automated.
There is little communication or information sharing between the various groups in your organization.
You’re spending too much on licensing fees, staffing, training, operations, and labor all for the sole purpose of integrating multiple applications.
Should Every Business Buy an ERP Package?
The simple answer to this question is: Yes. While small to medium businesses may be able to get by on a patchwork of different software, multiple systems are less effective for your business processes as they quickly become outdated and also require a lot of manual and duplicate entries. ERP systems streamline the various processes you use in your day-to-day operations, working off the same, shared database. This not only gives you a complete view of all of your processes and how they relate to one another, but also improve collaboration and provide you with the analysis you need to make decisions that will impact your bottom line.
Additional reasons why every business should buy an ERP package include:
Automated management of business tasks which free up employee time for other critical work.
Reducing errors that come with manual entry, saving your company’s precious resources, including money and time.
Increased productivity due to real-time coordination between groups within your organization.
Creation of a clear audit paper trail that can withstand the compliance regulations of your industry.
Reduction of labor costs and IT expenses.
Improving customer relationship management by allowing your sales department to have the information they need about the customers they deal with and the information they need to know about inventory and availability.
Flexibility to handle organizational growth and its impacts to each individual department.
Knowing that your software is up-to-date, secure, and maintained and that there is support available if you should have any questions.
We Can Help
EstesGroup is the leading consultancy for enterprise resource planning and Epicor products, including Epicor Kinetic ERP and Prophet 21. We also provide ERP consultations for SYSPRO and Sage ERP, and we provide the highest level of help to your team regardless of what system you select for your business. We will not guide you toward our own products if they are not a good fit for you. Contact us today for a free, in-depth consultation so that we may discuss your business processes with you and find a solution that will advance your company’s initiatives.
Are you looking for an ERP system, or do you have questions about what ERP is best for your business?
Looking California When You’re Feeling Minnesota: Where is the Best Data Center Location?
For manufacturing companies, the advent of “cloud computing” has raised a lot of questions. Luckily, you don’t have to wander lonely as a cloud to find answers to your questions surrounding cloud solutions for your business. Not as complicated as a cumulonimbus or as feathery as a cirrus, a cloud in the field of technology is as simple, or as complicated, as someone else’s computer. But of the many questions a manufacturer may have, one frequently surfaces in relation to the location of the data: “So where is my data located, anyway?”
This isn’t a small squall of a question: if you are looking for an on-premise installation or a server stack in the cloud, your primary and secondary data centers’ location is a decision of atmospheric proportions—one with direct business impact.
Whether choosing hosted or cloud solutions, your data center location is critical. You must be wary of where exactly your data center servers are located, for all clouds are not created equal. Downtime is the great fear when it comes to all things computing, and is often the result of natural disasters—and do you remember how long it took to get the power grid functioning in Puerto Rico after hurricane Maria? Clearly, minimizing the risks of mother nature is a central concern. Let’s take a down-to-earth look at some of the natural dangers facing your company’s data.
Earthquakes
When I worked in Arkansas a number of years ago, in an area that was on the edge of the New Madrid seismic zone, I noticed the strange cross-bracing in one of the factories, and I asked a local about it. He explained the seismic risks in the area, and recounted the family lore about the quake of 1812. Then he looked me square in the eye and said, “Whatever you do, don’t blame Arkansas—it wasn’t our fault.”
It can be a surprise to discover that one the largest earthquakes in North America’s recorded history was not along the California coast but was actually along the New Madrid seismic zone in Missouri—of all places! This was the quake that briefly caused the Mississippi River to run upstream back in 1812, the year almost exclusively famous for the conflict between America and England. But while the Americans were locked in battle with the British on the East Coast, they were unwittingly losing the war with nature in the Midwest.
This might serve as a warning if you locate your data center in a seismic zone—if your server gets death-rattled into oblivion, it’ll be your own fault.
Tornadoes
Nothing can lay your blades out like a deck of 52 quite like a tornado. Tornadoes pry open buildings like nature’s proverbial can opener, allowing copious rain and debris to decorate your server room like a third grade art project, and you don’t want to see your data garnished with nature’s glitter. Tornadoes pose a risk not only to your data center itself, but they also tend to knock out your primary—and even your secondary power supplies. Backup generators are often located adjacent to a building, making them a potential target for mother nature’s twisted wrath. So while a twister might leave a building unscathed, it might take out your external generator, rendering backup power systems useless. Of course, that’s a moot point if the contents of your data center are laid out across the lawn like your laundry, for all to see. Luckily, a proper data center location can help you avoid an unfortunate game of 52-pickup.
Floods
I reached out to one of my customers after a series of tornadoes ripped through Oklahoma, and he gave the all-clear: “The twisters missed us, but the water levels are so high, some folks can’t get into work.” That is to say, a natural disaster can be more sneaky than a weather channel headline. While things like tornadoes get a lot of attention, water levels can do a lot more damage over time. As such, one might think twice about locating a data center on a floodplain. While all my gamer buddies are hyped over water-cooled CPUs, I don’t quite think this is what they’re referring to.
Hurricanes
Hurricanes amount to the worst of wind and water, with the ability to pummel your data center into paste from above, or dissolve it into a silicon solution from below. And while the zone immediately affected by hurricanes is rather small, the extended zone where hurricane-related storms transform into inland berserkers is much larger. Locating your stacks in a place that is far-removed from the hurricane fallout zone will serve you well in reducing wind and water risks.
Heat
Another sneaky disaster when it comes to all things electronic is heat. Not too long ago, I was in Charlotte, NC with a coworker. One morning after breakfast, we were about to head to the customer site when my coworker ran back into the hotel to retrieve his coffee mug, leaving me in the parking lot. I stood out in the morning heat for maybe a minute or two. Now, being a Canadian, I generally overheat reading the newspaper, and the morning temp in Charlotte was obliterating. By the time we got to carpooling, I was already a puddle. And this was still in the early morning! Servers are like Canadian consultants—they work better in temperate climates. When choosing a shack to hang your racks, look to locate it in a place where your cooling systems won’t be fighting a losing battle with the heat index. Servers generate enough heat on their own—they don’t need any help!
The Cloud
While the notion of “The Cloud” brings with it visions of the ethereal, it is in reality quite terrestrial in nature. Hosting a customer’s ERP system is a huge responsibility, and not one to be taken lightly. The cloud itself can be just as risky as a hurricane. As such, the EstesGroup is all about maximizing service while minimizing risk. In support of our Epicor Hosting initiative, we keep our data center located in Michigan, which has a favorable climate for keeping servers cool as a cucumber, while avoiding the many environmental pitfalls noted above. Moreover, by having our data center location in the Midwest, we provide centrality that allows us to rapidly service a broad region. With optimal location and cloud infrastructure, the team at EstesGroup can serve your business needs by providing ideal solutions for your data, regardless of the weather.
If you find yourself looking to the sky for answers to your worldly business questions, please give our team a call.
I’ve seen enough of Epicor ERP installations to know that a finely tuned system needs… fine-tuning. Perhaps that’s obvious, but nonetheless, I’ve seen many deployments where Epicor ERP is installed, but not set up optimally. One area that has my bits all scrunched up is anti-virus, sometime called anti-malware, or malware protection. I’ll just call it anti-virus for purposes of this discussion.
Each vendor does it a little differently, but there are three primary aspects to worry about.
Real-time scanning
Scheduled scans
Injection into an application
Depending on the tool and the configuration, you might have one or all three at play, on both your SQL and Epicor ERP servers. Done right, they’ll do their job, keep you protected, and stay out of your way. Done wrong, and your performance, reliability, and up-time will suffer.
Now, in my humble opinion, a dedicated, patched, protected, and behind the firewall SQL server needs no anti-virus – it’s not a file server, nor a SharePoint server, nor do any end-users directly interact with it. Your installation might be different, check your exposure! Anti-Viruson a SQL server, improperly configured, will just slow it down and give you headaches. If you can avoid it, do so. Of course, your company policy might require AV installations on ALL servers. Please follow Microsoft’s guidance for choosing anti-virus software to run on SQL Servers, including their exclusions. Some AV software will recognize SQL and exclude automatically, but don’t assume that to be the case.
Epicor ERP is another animal. By definition, an Epicor ERP application server is also a file server and is often exposed to the internet in some capacity. Therefore, in addition to your firewalling, patching and backups, make sure to protect your Epicor ERP Application servers with anti-virus – with the proper exclusions.
Some anti-virus platforms let you do the exclusions on the end-point, others require a central management console. Many enterprises have a team to handle it. Either way, set up the exclusions and then test them by dropping a copy of the test malware Eicar (from eicar.org) into one of the folders. The file won’t execute (since it’s an OLD win16 file), but if AV is scanning that folder, it’ll pluck it out and you’ll know AV is active in that folder.
Replace the X: with the volumes you’ve deployed Epicor ERP on. Not all installations will have all these folders, depending on the extensions and add-ons deployed.
I just need to get this off my chest – so bear with me.
First off, I’ve been doing sysadmin work for scores of years now, and the idea of backups, business continuity, and “bad guys” isn’t new. However, this week it was brought to a new and interesting head for one small business.
Rewind the clock two years and we were in the conversation with this business about where they host their “golden nuggets” of their business, what servers did what, where were the users, how did the backups fare, state of malware, web filtering protection, etc. You know, all the “normal” stuff any qualified IT provider would ask a prospective customer. “We’re fine” was the answer – they had an in-house IT guru watching all that stuff. However, they did make a (wise) decision to host their ERP solution with us.
Last week, our monitoring went suspiciously quiet, it looked like the company went on vacation, or they had fallen asleep at the keyboard. I reached out to the company, and was informed that they had been the victim of the latest ransomware attack, and all their documents were encrypted and unusable. Thankfully, since they were hosting their ERP system with us, that was safe from the attack. All their ERP data was secure but everything else they controlled was locked. Backups proved unreliable or inaccessible, so the ransom was paid. The company got lucky and the recovery key worked and they got their documents back. What they didn’t get back was Active Directory. Ouch! Nobody could login, even though their documents were back on a server, nobody could access them.
A week later, a new domain, and new profiles on everyone’s desktop, new shares, new permissions, and they were back up and running. After everything, the company is back to doing business, but it could have been a much worse situation. A critical note: the ERP system was never at risk and no ERP data was lost since that was safely stored elsewhere.
Moral of the story:
Test your backups. Not just documents, but the whole server. How long does it take to get it back? It should not be more than a few hours.
Just because you can restore files doesn’t mean you can go out, buy a new server and restore your existing workload onto a new server.
If you can’t live without it, and you don’t have the in-house expertise to manage it – outsource it! Let the pros handle the critical IT while you do what you do best: making essential product and making your business grow.
We’ve all done it, at least once. Some of us maybe more than a couple of times, and I know there’s few that are repeat offenders. You know what I’m talking about – the bane of the security admin’s existence – default passwords.
Those are the usernames and passwords that come with every device. Even in this day and age, most systems don’t REQUIRE you to change the credentials that get you system admin rights. The bad guys know that and use it to their advantage.
When most of our business and personal systems are protected with just a name and a basic password (and maybe a trusted network range?), that’s pretty easy pickings for someone with a brute force tool or a sniffer to find out your secrets. And once the bad guys have your credentials, then what? Well after that is when the real dangers begin.
When’s the last time you changed your voicemail PIN from 0000? Perhaps your home router is still admin/password even though the FBI issued a warning for everyone to change it? And how many ERP users keep system admin “manager” around with the default password of… you guessed it. And those accounts open the door wide to anyone wanting to get in; good and bad.
If you have systems exposed to the bad guys (and we all do!) then this post is for you. STOP IT! Even if you told me “Well, none of those systems are internet exposed”, I’d ask “where are the bad actors in your network?”. If you said “outside the firewall”, I’d respond with something like “I dare you to create a share/folder called “payroll” and see how long some curious netizen (aka employee) fell into that folder looking for something juicy.
Imagine splaying your entire infrastructure wide open to someone who just happened to know that Netgear uses admin/password for all their routers? Or that your company name is NOT a good password?
So what’s a concerned system admin gonna do? It’s easy in theory and hard in practice. Here are some digital security tips that will create a stronger password security strategy:
1. Change the default username and change the default password.
2. Start using stronger passwords, not P@ssw0rd. We recommend pass phrases, or a sentence that you can remember but the bag guys will have a hard time guessing.
3. Enable account lockout so that if “x” bad passwords are guessed in a row, the account is locked FOREVER (not reset after 10 minutes, thank you Microsoft). Helpdesk notification of such a lockout will put you in the know.
4. Remove admin credentials from being used on untrusted networks. Yes, your users are untrusted! Create a management VLAN, or a specific set of IP’s that can RDP, or shutdown the access from outside devices altogether.
5. Enable multi-factor authentication. This can easily be enabled in Office 365 and Active Directory, and if your devices leverage that directory then they automatically get that 2FA protection as well.
6. Hack yourself! Run a network scanner, or hire an outsourced IT firm to investigate for you, find the unsecured devices and fix them before the bad guys do.
7. Let us help you! We can run an ethical scan IT Assessment Detective scan of your systems, attempt to break into your systems, and give you a full reporting of your IT weaknesses. As “they say” knowledge is power.
So, don’t let your next phone call to the EstesGroup be “help me, I got hacked!” And let our managed IT services company help you run your business better with a strong password security strategy – before the bad guys teach you a lesson.
Interested in Outsourcing your IT? Or have a question on data security? Ask us, we would love to chat.
For manufacturing companies, the advent of “cloud computing” has raised a lot of questions. Luckily, you don’t have to wander lonely as a cloud to find answers to your questions surrounding 
I just need to get this off my chest – so bear with me. 
We’ve all done it, at least once. Some of us maybe more than a couple of times, and I know there’s few that are repeat offenders. You know what I’m talking about – the bane of the security admin’s existence – default passwords.